Tech

Thursday, 15 December 2011

Malicious Android apps double in six months

The number of malicious apps mobile security firm Lookout has identified in less than six months has doubled to 1,000, according to a report from Lookout to be released tonight.

The vast majority of those dubious apps are found on third-party app stores and alternatives to the official Android Market, the company said.

"2011 has seen the emergence of a credible field of Android malware with a 4 percent yearly likelihood of an Android user encountering malware, which was a significant increase compared to the beginning of the year. In the beginning of 2011 we measured a 1 percent yearly likelihood," Lookout says in its report, titled "Malwarenomics: 2012 Mobile Malware Predictions."

"The U.S. is in the middle of the pack in terms of mobile malware compared to other countries, including Russia, Israel and China," said Derek Halliday, senior security product manager at Lookout.

Meanwhile, Android users are increasingly at risk--like users on all mobile platforms are--of unwittingly clicking on links that lead to malware and phishing sites.

"The global yearly likelihood of an Android user clicking on an unsafe link is 36 percent (6 percent higher than July 2011)," the report says. "In the United States, the likelihood is higher than the global average at 40 percent."

Lookout also has detected a rise in the amount of what it calls "mobile pickpocketing," apps and malware that surreptitiously charge fees to the phone owner, including GGTracker, which signs phones up for premium text message subscription services without the owner's knowledge. There's also the RuFraud apps that pose as free versions of wallpaper or popular games but hide terms of service that allow the developers to sign the phones up for expensive SMS rates.

The Lookout report predicts that we'll see more of these threats, as well as increased use of: mobile phones in botnets to send spam and steal data; malware that exploits weaknesses in mobile operating systems; browser-based attacks; malware hiding in mobile advertisements; and tools that allow for automatic repackaging of legitimate apps to add malware.

Lookout cautions against using third-party app stores and clicking on in-app ads, and advices caution when clicking on apps that ask you to click "OK," as well as when clicking on shortened URLs. In addition, people should check reviews on gaming, utility and porn apps before downloading them because they are the types of apps most likely to contain malware.